From 768405fddf64ff83aa6ef701ebb3c1f82d98a2f3 Mon Sep 17 00:00:00 2001 From: "naddy@openbsd.org" Date: Wed, 3 May 2017 21:08:09 +0000 Subject: [PATCH] upstream commit remove miscellaneous SSH1 leftovers; ok markus@ Upstream-ID: af23696022ae4d45a1abc2fb8b490d8d9dd63b7c --- clientloop.c | 4 ++-- kex.h | 5 +---- opacket.h | 8 -------- packet.c | 21 ++------------------- packet.h | 3 +-- pathnames.h | 3 +-- ssh.h | 4 ++-- ssh_config.5 | 9 ++------- sshkey.h | 4 +--- 9 files changed, 12 insertions(+), 49 deletions(-) diff --git a/clientloop.c b/clientloop.c index dbc2c85c6..367b682ff 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.295 2017/04/30 23:28:41 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.296 2017/05/03 21:08:09 naddy Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -942,7 +942,7 @@ print_escape_help(Buffer *b, int escape_char, int mux_client, int using_stderr) } /* - * Process the characters one by one, call with c==NULL for proto1 case. + * Process the characters one by one. */ static int process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr, diff --git a/kex.h b/kex.h index 3794f2127..13b22351f 100644 --- a/kex.h +++ b/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.81 2016/09/28 21:44:52 djm Exp $ */ +/* $OpenBSD: kex.h,v 1.82 2017/05/03 21:08:09 naddy Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -225,9 +225,6 @@ int kexc25519_shared_key(const u_char key[CURVE25519_SIZE], __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); -int -derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); - #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) void dump_digest(char *, u_char *, int); #endif diff --git a/opacket.h b/opacket.h index c487f4f40..46d31f805 100644 --- a/opacket.h +++ b/opacket.h @@ -6,7 +6,6 @@ void ssh_packet_start(struct ssh *, u_char); void ssh_packet_put_char(struct ssh *, int ch); void ssh_packet_put_int(struct ssh *, u_int value); void ssh_packet_put_int64(struct ssh *, u_int64_t value); -void ssh_packet_put_bignum(struct ssh *, BIGNUM * value); void ssh_packet_put_bignum2(struct ssh *, BIGNUM * value); void ssh_packet_put_ecpoint(struct ssh *, const EC_GROUP *, const EC_POINT *); void ssh_packet_put_string(struct ssh *, const void *buf, u_int len); @@ -17,7 +16,6 @@ void ssh_packet_send(struct ssh *); u_int ssh_packet_get_char(struct ssh *); u_int ssh_packet_get_int(struct ssh *); u_int64_t ssh_packet_get_int64(struct ssh *); -void ssh_packet_get_bignum(struct ssh *, BIGNUM * value); void ssh_packet_get_bignum2(struct ssh *, BIGNUM * value); void ssh_packet_get_ecpoint(struct ssh *, const EC_GROUP *, EC_POINT *); void *ssh_packet_get_string(struct ssh *, u_int *length_ptr); @@ -62,8 +60,6 @@ void packet_read_expect(int expected_type); ssh_packet_get_protocol_flags(active_state) #define packet_start_compression(level) \ ssh_packet_start_compression(active_state, (level)) -#define packet_set_encryption_key(key, keylen, number) \ - ssh_packet_set_encryption_key(active_state, (key), (keylen), (number)) #define packet_start(type) \ ssh_packet_start(active_state, (type)) #define packet_put_char(value) \ @@ -78,8 +74,6 @@ void packet_read_expect(int expected_type); ssh_packet_put_cstring(active_state, (str)) #define packet_put_raw(buf, len) \ ssh_packet_put_raw(active_state, (buf), (len)) -#define packet_put_bignum(value) \ - ssh_packet_put_bignum(active_state, (value)) #define packet_put_bignum2(value) \ ssh_packet_put_bignum2(active_state, (value)) #define packet_send() \ @@ -88,8 +82,6 @@ void packet_read_expect(int expected_type); ssh_packet_read(active_state) #define packet_get_int64() \ ssh_packet_get_int64(active_state) -#define packet_get_bignum(value) \ - ssh_packet_get_bignum(active_state, (value)) #define packet_get_bignum2(value) \ ssh_packet_get_bignum2(active_state, (value)) #define packet_remaining() \ diff --git a/packet.c b/packet.c index f997064cb..533bd1e61 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.252 2017/04/30 23:28:42 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.253 2017/05/03 21:08:09 naddy Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -184,10 +184,6 @@ struct session_state { u_int32_t rekey_interval; /* how often in seconds */ time_t rekey_time; /* time of last rekeying */ - /* Session key for protocol v1 */ - u_char ssh1_key[SSH_SESSION_KEY_LENGTH]; - u_int ssh1_keylen; - /* roundup current message to extra_pad bytes */ u_char extra_pad; @@ -278,8 +274,7 @@ ssh_packet_is_rekeying(struct ssh *ssh) } /* - * Sets the descriptors used for communication. Disables encryption until - * packet_set_encryption_key is called. + * Sets the descriptors used for communication. */ struct ssh * ssh_packet_set_connection(struct ssh *ssh, int fd_in, int fd_out) @@ -796,18 +791,6 @@ uncompress_buffer(struct ssh *ssh, struct sshbuf *in, struct sshbuf *out) /* NOTREACHED */ } -/* - * Causes any further packets to be encrypted using the given key. The same - * key is used for both sending and reception. However, both directions are - * encrypted independently of each other. - */ - -void -ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number) -{ - fatal("no SSH protocol 1 support"); -} - int ssh_set_newkeys(struct ssh *ssh, int mode) { diff --git a/packet.h b/packet.h index b169f4ea1..b82f45a75 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.78 2017/04/30 23:23:54 djm Exp $ */ +/* $OpenBSD: packet.h,v 1.79 2017/05/03 21:08:09 naddy Exp $ */ /* * Author: Tatu Ylonen @@ -93,7 +93,6 @@ void ssh_packet_set_nonblocking(struct ssh *); int ssh_packet_get_connection_in(struct ssh *); int ssh_packet_get_connection_out(struct ssh *); void ssh_packet_close(struct ssh *); -void ssh_packet_set_encryption_key(struct ssh *, const u_char *, u_int, int); void ssh_packet_set_input_hook(struct ssh *, ssh_packet_hook_fn *, void *); int ssh_packet_is_rekeying(struct ssh *); diff --git a/pathnames.h b/pathnames.h index a8deb9fc6..cff672e2f 100644 --- a/pathnames.h +++ b/pathnames.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pathnames.h,v 1.25 2016/03/31 05:24:06 dtucker Exp $ */ +/* $OpenBSD: pathnames.h,v 1.26 2017/05/03 21:08:09 naddy Exp $ */ /* * Author: Tatu Ylonen @@ -36,7 +36,6 @@ */ #define _PATH_SERVER_CONFIG_FILE SSHDIR "/sshd_config" #define _PATH_HOST_CONFIG_FILE SSHDIR "/ssh_config" -#define _PATH_HOST_KEY_FILE SSHDIR "/ssh_host_key" #define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key" #define _PATH_HOST_ECDSA_KEY_FILE SSHDIR "/ssh_host_ecdsa_key" #define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key" diff --git a/ssh.h b/ssh.h index 882768c5f..08d05ce29 100644 --- a/ssh.h +++ b/ssh.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.h,v 1.85 2017/04/30 23:28:12 djm Exp $ */ +/* $OpenBSD: ssh.h,v 1.86 2017/05/03 21:08:09 naddy Exp $ */ /* * Author: Tatu Ylonen @@ -47,7 +47,7 @@ #define PROTOCOL_MAJOR_1 1 #define PROTOCOL_MINOR_1 5 -/* We support both SSH2 */ +/* We support only SSH2 */ #define PROTOCOL_MAJOR_2 2 #define PROTOCOL_MINOR_2 0 diff --git a/ssh_config.5 b/ssh_config.5 index a565f330d..e8e51d2cb 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.245 2017/04/30 23:18:22 djm Exp $ -.Dd $Mdocdate: April 30 2017 $ +.\" $OpenBSD: ssh_config.5,v 1.246 2017/05/03 21:08:09 naddy Exp $ +.Dd $Mdocdate: May 3 2017 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1564,11 +1564,6 @@ If set to .Cm yes , .Xr ssh 1 must be setuid root. -Note that this option must be set to -.Cm yes -for -.Cm RhostsRSAAuthentication -with older servers. .It Cm User Specifies the user to log in as. This can be useful when a different user name is used on different machines. diff --git a/sshkey.h b/sshkey.h index 0012f885d..fc1956605 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.16 2017/04/30 23:18:44 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.17 2017/05/03 21:08:09 naddy Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -184,8 +184,6 @@ int sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **keyp); int sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, const char *passphrase, const char *comment, int force_new_format, const char *new_format_cipher, int new_format_rounds); -int sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob, - struct sshkey **keyp, char **commentp); int sshkey_parse_private_fileblob(struct sshbuf *buffer, const char *passphrase, struct sshkey **keyp, char **commentp); int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type,